php curl 伪造
http://www.yygh.net/index.php
直接表格提交,一直提示账号不存在。应该后台需要验证。
我想伪造Origin的来源。不知道这么设置origin的来源
$ch = curl_init(); //初始化
$this->url = "http://www.yygh.net/usercenter/userinfo_action.php";
$fields = 'actionpost=login&logintype=0&cardtype=1&userid=34262619702200379&pwd=123qwe&validate=cndm&imagesField.x=32&imageField.y=11';
curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式
curl_setopt($ch, CURLOPT_POSTFIELDS,$fields);
curl_setopt($ch, 这里);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名
curl_setopt($ch, CURLOPT_URL, $this->url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出
$this->content=curl_exec($ch);
curl_close($ch);
------解决思路----------------------
<?php<br />$cookie_file = dirname(__FILE__).'/cookie.txt';<br /><br />if(isset($_GET['verification'])) {<br /> $url = 'http://www.yygh.net/include/validateimg.php?' . rand();<br /> $ch = curl_init(); //初始化 <br /> curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); <br /> curl_setopt($ch, CURLOPT_URL, $url);<br /> curl_exec($ch);<br /> curl_close($ch);<br /> exit;<br />}<br />if(! $_POST) {<br /> $url = "http://www.yygh.net/usercenter/userinfo_action.php";<br /> $ch = curl_init(); //初始化 <br /> curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file); //存储cookies<br /> curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0<br /> curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '<br /> curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名<br /> curl_setopt($ch, CURLOPT_URL, $url);<br /> curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出<br /> $content = curl_exec($ch);<br /> curl_close($ch);<br />echo <<< HTML<br /><form method=post><br /><img src='?verification=1' alt="php curl 仿冒" ><br /><input type=text name=code><br /><input type=submit value=ok><br /></form><br />HTML;<br /> exit;<br />}else {<br /> $ch = curl_init(); //初始化 <br /> $url = "http://www.yygh.net/usercenter/userinfo_action.php";<br /> $fields = array(<br /> 'actionpost' => 'login',<br /> 'logintype' => 0,<br /> 'cardtype' => 1,<br /> 'userid' => '330724197712316212',<br /> 'pwd' => '123qwe',<br /> 'validate' => $_POST['code'],<br /> //cndm&imagesField.x=32&imageField.y=11';<br /> );<br /> curl_setopt($ch, CURLOPT_POST, 1);//设置为POST方式<br /> curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); <br /> curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file); //使用上面获取的cookies<br /> curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); //强制协议为1.0<br /> curl_setopt($ch, CURLOPT_HTTPHEADER, array('Expect: ')); //头部要送出'Expect: '<br /> curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4 ); //强制使用IPV4协议解析域名<br /> curl_setopt($ch, CURLOPT_URL, $url);<br /> curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); //返回字符串,而非直接输出<br /> $content = curl_exec($ch);<br /> curl_close($ch);<br /> echo $content; <br />}<br />
![[웹 프런트엔드] Node.js 빠른 시작](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
